Use the Lexology Navigator tool to compare the answers in this article with those from other jurisdictions.

Electronic marketing and internet use

Electronic marketing Are there rules specifically governing unsolicited electronic marketing (spam)? Law 3471/2006 on the protection of personal data in the electronic communications sector transposed EU Directive 2002/58/EC into national law and introduced new rules on spam. The use of electronic communications (eg, email, fax, automatic calling machines) for the purpose of direct marketing is permitted only if the data subjects have given their prior consent (opt-in system), unless there is an existing customer relationship or a prior transaction has been concluded (restoration of the opt-out rule). In order to ensure compliance with the data protection rules, the Hellenic Data Protection Authority has issued its Guidelines 2/2011, which set out best practices for obtaining consent by electronic means for the purposes of direct marketing.

Cookies Are there rules governing the use of cookies? Law 4070/2012 introduced provisions governing cookies into Greek law. Cookies (or similar technologies) can be used to store information or gain access to information stored on the technical equipment of a subscriber or user, as long as he or she has given informed consent. If the data subject has not been provided with clear and comprehensive information on cookie use, his or her consent is not considered valid. Consent can also be given via browser or other application settings. In this case, and in accordance with guidance from the Hellenic Data Protection Authority, consent must be given for every single cookie to be installed. General and abstract consent to all cookies provided via browser or other application settings is prohibited.

Exceptionally, consent is not required for technical storage or access for the sole purpose of transmitting a communication through an electronic communications network, or which is strictly necessary for the provision of information society services explicitly requested by the subscriber or user. The Hellenic Data Protection Authority stipulates that cookies installed for the purpose of online advertising are expressly excluded from this exemption; thus, data subjects should explicitly consent to the installation of both ‘first-party’ cookies and ‘third-party’ cookies.

Click here to view the full article.